Building cyber resilience

Building cyber resilience within the evolving global supply chain

Considerations of Today’s Supply Chain

Today’s supply chain has progressed to efficiently manage the flow of goods, information, and resources across international boundaries to meet consumer demand and enhance business operations. Its value lies in optimizing production costs, improving product availability, fostering global trade, and driving economic growth by connecting markets and leveraging comparative advantages.

These tremendous benefits, however, have become fraught with significant challenges, including rising costs, labor shortages or disruptions, political uncertainty and volatility, and increasing cyber risks.

To address some of these obstacles, there is widespread belief and bipartisan signaling indicating a shift toward increasing onshoring, nearshoring, and friendshoring efforts. The Department of Homeland Security (DHS) contextualizes the challenges by stating “the world is at a crossroads whether to continue to focus on onshoring or improving the resilience of global supply chains.” (1) All three options require that organizations doing business with any third-party vendors regularly re-evaluate their supply chain and engage in thorough cybersecurity reviews, both internally and externally, to limit negative repercussions.

Breaking Down the Cyber Risks

Any disruption in the supply chain, particularly vendor changes due to strategic shifts in sourcing, can increase cyber exposure for involved organizations. When confronted with these potential supply chain risks, 60% of businesses will seek to develop alternative suppliers, 42% will prioritize improving business continuity initiatives, and 37% will work toward identifying and remediating supply chain bottlenecks (2).

Each new supplier signifies a new cyber risk, particularly when there is no track record of security, or the vendor has not been thoroughly vetted for cyber maturity. Recent indicators highlight the severity of the challenge: approximately 75% of third-party vendor data breaches specifically targeted the technology and software aspects of the supply chain. The same DHS study found that 29% of all data breaches were third-party attacks. (1)

While re-routing the supply chain may address some of these risks on an international scale, it can create new, similar issues just on a smaller, regional scale.

Cyber and Business Resilience Responses

The biggest risks facing organizations today, according to leaders within those organizations, are cyber incidents and business interruption, both of which are exacerbated by supply chain challenges. Optimizing resilience in the face of persistent supply chain challenges and these leading organizational risks is imperative for businesses in all industries. It is beneficial to build multi-layered defenses that focus on business continuity and strengthening cybersecurity. While no business wants to experience a supply chain-related cyberattack, preparation for such an event should be considered.

Incident Response (IR) Preparation

For complex systems like the supply chain, a panacea does not exist. Still, there are solutions that can help limit associated cyber risks and meaningfully boost security. An effective response to any cyber or business continuity threat requires planning prior to the occurrence of any incident. Resilience requires that organizations solidify and implement a strong cyber IR plan before an attack materializes. IR preparation provides a structured framework for how an organization’s leaders at all levels are to act if a cyber incident transpires. In responding to supply chain challenges, IR planning includes identifying contingencies that can help minimize damage, limit operational downtime, improve decision making, and enhance communication during what can be a highly stressful time.

Cyber Assessments

Originating organizations and third parties alike can benefit from cyber assessments as another layer of preparation for what can happen. Cyber Risk Quantification, for instance, can help identify all at-risk assets and then assess the financial consequences of cyber incidents targeting them, helping organizations prioritize investments. When paired with Cyber Maturity Assessments of vendors, risks can be more effectively identified and remediated before damage is inflicted by threat actors. In conducting such assessments, it is important that every endpoint is reviewed to limit its capacity for initial access by unauthorized users.

Image: assessment (source 3)

Any third party deemed non-critical should be screened with a health check, a lightweight assessment that evaluates the organization’s cybersecurity strategy and its implementation, including its people, processes, and technology stack. Critical third parties should be screened with Penetration Testing, an in-depth attempt to exploit existing vulnerabilities in a vendor’s environment to understand how a malicious intrusion might occur. Building confidence in the cyber controls of third-party partners can bring valuable security and peace of mind.

Security Operations Center (SOC) Monitoring

Third-party vendors are not the only supply chain risk. It is imperative for originating organizations to maintain robust internal controls and programs that optimize their security posture and limit losses following a cyberattack. Among the most useful cyber strategies to deploy are Managed Detection and Response (MDR) software on every endpoint, with this cyber program managed and monitored 24/7/365 by an experienced team in a SOC.

Running day-to-day business operations is hard enough without its leaders, most of whom are not fluent in the evolving cyber landscape, also being tasked with understanding and implementing effective cyber practices. Engaging with a team of experienced and certified cyber professionals who actively monitor for threats and remediate what is detected can help prevent catastrophe.

Considerations for Manufacturing and Construction

Conversations about onshoring, nearshoring, or friendshoring frequently prioritize the shifting of manufacturing facilities and processes with an emphasis on using local resources and labor. A primary benefit to construction organizations when these shifts occur is minimizing supply chain delays or bottlenecks. It can also provide increased control, whether from regulations or enhanced vetting, of risk management and resiliency practices.

Manufacturing is considered a critical industry for most economies. As such, it is highly targeted by financially motivated threat actors and political adversaries. In fact, the FBI identified manufacturing as the second most targeted industry for ransomware (4). Strategic initiatives like the CHIPS Act, which attempts to increase the domestic production of semiconductors for strategic, national security, and supply chain purposes, offer a glimpse into how a shift in manufacturing can have a significant impact on the global economy.

Construction in the U.S., particularly manufacturing facilities and urban development, is undergoing a resurgence. Research from MIT indicates “construction [has been] increasing by 40% over recent years” with bi-partisan efforts to increase that rate (5). The sheer amount of money involved in doing so produces an enticing target for threat actors.

If increasing amounts of money are invested into regional construction projects, the industry standard cyber risks become magnified and increasingly important to defend against. Furthermore, construction firms rely heavily on third-party vendors, which are frequently targeted to disrupt projects, unsettle supply chains, and extort organizations.

A 2023 report found that “59% of [construction] firms experienced a cybersecurity threat within the last two years,” highlighting a significant challenge to a critical industry (6).

Conclusion

The evolving landscape of today’s supply chain presents both remarkable opportunities and significant challenges. As organizations navigate the complexities of the global economy, they must remain vigilant against the cyber risks that accompany supply chain disruptions and vendor changes. The strategic shift toward onshoring, nearshoring, and friendshoring highlights the necessity for robust cyber resilience measures and meticulous vendor assessments. By implementing a comprehensive cybersecurity program, businesses can fortify their defenses against potential threats, particularly in critical industries like manufacturing and construction, where supply chain integrity is paramount for business continuity. Concerted efforts to enhance cybersecurity can help mitigate risks and bolster the overall resilience of the supply chain, fostering a secure and sustainable business environment for the future.

SOURCES

  1. DHS, https://www.dhs.gov/sites/default/files/2022-10/Building%20Supply%20Chain%20Resilience.pdf
  2. Allianz Risk Barometer, https://www.dhs.gov/sites/default/files/2022-10/Building%20Supply%20Chain%20Resilience.pdf
  3. image ZRS, https://edge.sitecorecloud.io/zurichinsurf8c0-zwpshared-prod-d824/media/project/zurich-headless/zrs/docs/cyber-security/cyber_supply_chain-factsheet.pdf
  4. FBI, https://www.ic3.gov/AnnualReport/Reports/2023_IC3Report.pdf
  5. MIT, https://sloanreview.mit.edu/article/a-reshoring-renaissance-is-underway/
  6. Dodge Construction Network, https://www.construction.com/resource/data-resilience-in-design-and-construction/

Building cyber resilience within the evolving global supply chain
27 January 2025